locked
Audiocodes MP-114 RRS feed

  • Question

  • Hi all,

    I have been trying to get outbound phone calling via communicator working and I am struggling at the moment.  I have followed the documentation from Audiocodes website to configure the gateway.  I didn't have a mediation server before so I just set one up fresh.  I followed the simple steps to setup on ocspedia.com with 1 difference, I have only 1 NIC on the server so it listens for both OCS and gateway traffic on this NIC, which I didn't think would be a problem.  I also assume the mediation server will sit in my private LAN and not in the DMZ (or strattle the 2).

    At this time I only care about being able to make outbound calls through communicator.  I would like to make them both in network and remotely if possible (VPN is fine, but if its possible to do without vpn, that would be best).

    I have been tryin to make calls with communicator and I get this each time: An error occurred during the call. More details (ID:18)

    My OCS Standard server, MP114, and Mediation server sit on my LAN.  The Edge and ISA server sit in my DMZ.

    I am pretty sure I don't have the A\V Server connected to the internet correctly on my edge server, but this hasn't been needed so far.

    When I attempt to dial a number in Communicator I get error ID: 18

    I have tried every combination I can come up with.

    My Location Profile looks like this:

    Local Calls
    Phone pattern: ^1(\d{10})$
    Translation pattern: +1$1

    International Calls
    Phone pattern: ^011(\d*)$
    Translation pattern: +$1

    My Route looks like this:

    Target regular expression: ^\+1(801|435|385)(\d{7})$
    Gateway: Mediation.domain.net:5061
    Phone usage: default usage


    On my MP114

    Coders Table
    G117U-law, 1, 0, 0, 0

    SIP Transport: TCP Port 5060

    I can provide any other information you like, but I don't know what to do at this point.

    I wiresharked my OCS Standard server, Madiation Server, my workstation and had the MP114 logging going.  When I attempt a call I see nothing on any server and my workstation shows that communicator is talking to my edge server, which confuses me very much.

    Shouldn't my Comm client hit the OCS server, then OCS route to Mediation, then Mediation to Audiocodes GW?

    I have the Audiocodes GW hooked up to my PBX with 2 ports, I have the 4 FXO port version of the MP114 (not the 2 FXO, 2 FXs version).

    I appreciate any help from anyone.  Thanks so much.


    P.S. I can call the DID assigned by my PBX to port 1 on the MP114, i see activity when i run the OCS debugger (while I call in) and have the mediation server option checked.  I can't make any sense of the logging though.
    Friday, February 20, 2009 11:12 PM

All replies

  • Hi MRME,

    please run traces with the Logging Tool on OCS Mediation Server and analyze it with SNOOPER Tool from Ressource Kit. Maybe you will find the reasons for that trouble in nearly clear text.

    Ok, you can use 1 NIC, but remember this is not supported! But please do not configure 2 IP's on it. Did you?

    Other error cause can be IPv6. Please disable it at the machines und in the registry (DisabledComponents - value FF )

    Please dont forget - your Mediations must be autorizised to acces the Edge internal NIC, if you need Edge to pstn + OC call outbound features!

    Best regards,
    Jan

    Jan Boguslawski | Consultant IT Infrastructure | MCSE, MCTS OCS | ITaCS Berlin | www.itacs.de
    Saturday, February 21, 2009 8:31 AM
  • Jan,

    Thanks for the tips.

    I went ahead and configured a second NIC, they are both on the same LAN and same subnet.  This is why I opted for just 1 NIC, but I guess my thought process was incorrect.

    I did not have 1 IP's on 1 NIC before, just the 1 IP and that is all, but not I have 1 IP per 1 NIC on the same IP Scheme.

    IPv6 is disabled all around, there are no vista boxes in the mix either.

    My mediation server is authorized in the Edge server configuration.  Does the edge require any specific ports to talk back to the Mediation server (besides when the mediation server talks to Edge and gets NATd through firewall between LAN and DMZ)?

    When I enable dubugging on Mediation and then attempt to make a call from my communicator client on my workstation the log is blank, nothing happens, so this is one of the things that has me baffled.  My user is enabled for voice and I am trying to call my cell phone.

    When I call inbound I can see the call log in the mediation server debug session, so I know that at least my gateway is functioning properly in this manner.

    Let me know if I can provide any more information, im really hitting the brick wall with this one.

    Thanks.
    Monday, February 23, 2009 8:16 PM
  • Ok. Lets try to unravel this step by step. Error ID 18 leads to Office Communicator 2007 R2 Error ID: 18 Help Page. You run R2 ??? client and all Servers are R2 ??

    Ok lets agree with help page :) So the SIP URL composed by the called number and your Location profile is wrong.  BTW: is the LOC-Profile set for the user?

    Please try to enter a callee E164 number with plus in front, like +493039978418. Normally this needs no translation before it is sended to Mediation Server, beside you LOC-Profile is forcing it, cause of a misconfiguration.

    Please use the Enterprise Voice Route Helper Tool to analyze and simulize what routing result will occur, by calling internal, city, national, international. I guess their is some kind of overlapping in LOC-Profile.

    Another issue keeps me wondering: Communicator first tries to connect OCS-Edge internal FQDN. Can be a DNS-mixup. But I guess it attempts Edge first to get STUN/ICE support from Edge A/V to overcome NAT and request ICE v19 and ICEv7 (backward compatibilty) canditates (multipart mime format btw in R2). Maybe cause of NAT the Communicator and Edge cant communicate correct and the next step, to Mediation Server will never be executed.

    In your configuration you natted the internal Edge. As in R1 natting here is not supported & will technically not work, afaik about the ICE technique. IT must be full routable. New in a single Edge server R2 is, you can NAT the external A/V IP and it requires the 10000 open Ports on the external FireWall anymore.

    Please check out this Edge info grafic I prepared for the "Edge Discussion" with OCS R1. Please look carefully on the "threesome of STD-Server, Edge and Mediation" marked with the thick arrows ;)

    AFAIK the NO-NAT internal please, is still correct, even in R2. You will also find the request PORT Config in the map.

    Best regards,
    Jan
    Jan Boguslawski | Consultant IT Infrastructure | MCSE, MCTS OCS | ITaCS Berlin | www.itacs.de
    Tuesday, February 24, 2009 5:36 AM
  • I am not on OCS 2007 R2.

    I have tried entering E164 numbers as you described and when I do I get the same Error: 18

    I am not sure I understand what you mean about the Internal Edge and not being routable.  I have 1 Edge server with all edge roles activated.  The edge server has 1 NIC with 4 IP Addresses assigned.  Each role has its own IP Address.  The Edge server is in my DMZ with a firewall between it an my LAN and another firewall between it and the Internet.  Does this mean I need to open additional ports from the Edge to Mediation?  If so, what ports?  Looking at your diagram it makes me think that in order for AV Edge to work it has to sit both on the internet and on the LAN, which to me doesn't seem very secure at all, am I wrong in my assumption?  In R1 wouldn't a firewall that can do static NATs work?
    Tuesday, February 24, 2009 6:24 PM
  • Hello MRME,

    I agree with you in terms of "security and Edge". Looking closely to the deployment requirements leads to the "Edge Discussion" with OCS R1. You can start reading here:

    http://blogs.3sharp.com/deving/archive/2008/04/11/security-and-the-ocs-2007-av-edge-role.aspx

    It is written by someone that had the same "No, GO" effect when he saw it. But please try to follow his journey to enlightenment ;)

    One thing we cold agree is that NAT brings nothing in terms of security. But the rest is useless and partly incorrect.

    Honestly our security / Firewall team did not find the path to "peace of mind", even not with MS whitepaper :) A document that in short say: "We need perfomance, lets reduce security. btw: a deep inspection firewall is a bad bad thing, do not use it!."

    We decided to wait for R2 which can also use the OS-Firewall in W2K8.

    Cause R2 does run on 64bit only and minimum HW-Req. start with: 8GB Ram, two QUAD-Core, alternatily 4 DUAL-Core we have performance for port multiplexing wich was missing in R1.

    In R2 Edge you dont need permantly open 10000 ports, only 3478 UDP and 443 TCP are needed for A/V edge. R2 uses port multiplexing to sort the Audio, Video streams which now all go via 3478 UDP, and if UDP is blocked use the "Universal firewall traversal Protocol" TLS 443. In R1 we had no the needed performance, or system would not scale.
    You can NAT the external A/V IP, but still NO NAT to internal! I guess the what made this possible can be found in the improvement steps with the latest ICEv19.

    My recommendation for you: go with OCS R2 if possible.

    btw: the diagram is from the whitepapers or deployment doc's. I only added some whistles and bells :) But didnt change any port requirements  for example.

    MRME said: I have tried entering E164 numbers as you described and when I do I get the same Error: 18

    But this error, seems nothing to do with the Edge Discussion. If your system is not productive and you can test something please try to follow my article . It is not perfect but always a good starting-point. You can ignore the pbxnsip part an start reading the OCS side. Please note this is an DID example.

    I ll keep my fingers crossed!

    Best regards,

    Jan
    Jan Boguslawski | Consultant IT Infrastructure | MCSE, MCTS OCS | ITaCS Berlin | www.itacs.de
    • Edited by Jan Boguslawski Tuesday, August 18, 2009 1:01 PM wiki link correction to kiwi
    Wednesday, February 25, 2009 1:48 AM
  • Jan,

    I have had some success!!

    I configured my edge server to talk to my OCS frontend as you had mentioned, without NAT.  I filtered only ports 443, 5062 and 3478.  I also looked through your document and edited my location profile to look like yours:

    Phone Pattern: ^(\d*)$
    Translation: +$1
     
    I simply added the + on the translation which I understand needs to happen.

    I am then able to make outbound calls!  This is very satisfying!

    I will test from externally tonight, I am sure I will have to make many firewall changes for this, but I must say that I am very greatful for all your help.  Thanks for sticking with me I appreciate it very much! :)
    Thursday, February 26, 2009 10:42 PM